We believe Internet of Things devices should all come with a well established expectation of what they will and will not do with consumer's data. In the article we put together the start of what we hope will help this effort - Minimizing Risk Is Easy: Adopt a Bill of Rights

Open is better than closed; this ensures portability between Internet of Things devices.

Consumers, not companies, own the data collected by Internet of Things devices.

Internet of Things devices that collect public data must share that data.

Users have the right to keep their data private.

Users can delete or back up data collected by Internet of Things devices.

Let us take responsibility together for building systems that are easier to use for good and harder to use maliciously

If you'd like to contribute to this living document, please post in the comments here or the Google+ post. Once it's in a pretty solid place we'll ask other companies that make "Internet of Things" devices to sign on. 10/21/2016 update: we're adding the following to consider too: "let us take responsibility together for building systems that are easier to use for good and harder to use maliciously".

3/22/2017 update: We are also considering the following! "Devices that are always listening have a physical OFF and ON switch that clearly indicates to the user if and when they're listening. For example, a good practice could include a physical OFF and ON switch, which breaks one of the power lines coming into the recording component, with an indicator LED powered and controlled only by the power line, that clearly indicates to the user when the devices is and isn't listening. Services/devices and API usage of such services/devices, including, for example, Amazon Alexa, Apple Siri, Google Home, and others should clearly indicate when they are ON and listening and OFF and are not."